ID CVE-2018-12258
Summary An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom Firmware Upgrade is possible via an SD Card. With physical access, an attacker can upgrade the firmware in under 60 seconds by inserting an SD card containing the firmware with name 'ezviz.dav' and rebooting.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
refmap via4
misc https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf
Last major update 12-06-2018 - 14:29
Published 12-06-2018 - 14:29
Last modified 12-06-2018 - 14:29
Back to Top